We Care About Keeping Your Data Safe and Protected.
What is GDPR?
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations on organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.
With the GDPR, Europe is signaling its firm stance on data privacy and security at a time when more people are entrusting their personal data to cloud services and breaches are a daily occurrence. The regulation itself is large, far-reaching, and fairly light on specifics, making GDPR compliance a daunting prospect, particularly for small and medium-sized enterprises (SMEs).
GDPR Services
Assessment & Discovery Services
- GDPR Compliance & Privacy Impact Assessment
- Identify existing policies, procedures, and other accountability mechanisms that already provide rules and guidelines for processing personal data in your organization and that may be leveraged and enhanced for GDPR compliance
Remediation Services
- Identify policy objectives; define, review, and enforce the policy framework
- Remediation will be facilitated using end-to-end DevOps services, legacy application modernization, and unified testing of services, including APIs and microservices
Ongoing Management Services
- Continuous Compliance Management
- PII Data Modelling and Visualization
- Data Protection Security Controls Management & Monitoring
EU Representative
If your organisation has no business presence in Europe but wants to be GDPR compliant for the EU market, you need to appoint an EU representative. We serve as your EU representative, in compliance with Article 27 of the EU GDPR.
What We Do
General Data Protection Regulation Audits
STAGE 1 – preliminary system evaluation (3-5 days)
We strive to get a clear view of your operations in terms of security and privacy by design, information duties and procedures, methods of data collection, breach notification schemes, and the exercise of individual rights or data portability. Based on that, we make draft recommendations for how to effectively fulfill GDPR requirements.
STAGE 2 – preparation to securing the data (2-4 weeks)
We inspect the maturity of the systems used in personal data processing and carry out risk analysis according to GDPR Services internal process templates. This revolves around IT topics like encryption, data backup, logging, UserID operations, and non-IT ones like physical security and document lifecycle. We then discuss draft recommendations specified in Stage 1 with you, propose concrete IT solutions, and draw a roadmap for achieving GDPR compliance.